Let's Talk About PCI Compliance for Drupal

Drupal makes it incredibly easy to turn even the simplest website into a full-fledged commerce solution. All you have to do is download a few modules, check a few boxes, and you’re up and running in no time!

UNFORTUNATELY, THERE’S A (BIG) CATCH.

Accepting credit/debit card payments online makes a website subject to the Payment Card Industry Data Security Standard (PCI DSS). This maze of policies, procedures, and responsibilities can seem overwhelming and expensive, leading many to give up and/or question whether it’s worth trying to become compliant. However, ignoring one’s responsibilities can increase the odds of a security breach, which can have the following (severe) consequences:

FORTUNATELY, IT DOESN’T HAVE TO BE THIS WAY.

The time it takes to become PCI compliant can be reduced from months to minutes (OK, this is a slight exaggeration) by selecting the right modules and configuring them properly. And for websites with requirements that prevent these solutions from being used, it’s definitely possible to achieve and maintain compliance. It simply takes the correct knowledge and the willingness to make it happen. Having been through this painful learning curve myself, my goal is to convey the knowledge I’ve gained over the past 4 years and inspire you to take action on it.

WHO SHOULD ATTEND?

This talk is geared towards a diverse audience: developers, Drupal shops, and companies evaluating Drupal for their eCommerce solution. After all, each group shares the responsibility of ensuring that payments are handled securely.